Configure an Allowlist for Your Instance
Your allowlist can contain up to 15 rules for File Server and up to 15 rules for HTTPS connections to your Oracle Integration instance. The allowlist restrictions that you create are in addition to the standard authorization mechanisms, such as user credentials, which are always in place.
- Sign in to the Oracle Cloud Infrastructure Console.
- Open the navigation menu and click Developer Services. Under Application Integration, click Integration.
- In the Name column, click the instance to edit.
- On the Integration Instance Details page, below Resources in the lower left, select Network Access.
- Below the Network Access header, click Edit.One of the following dialogs is displayed:
- If your organization has enabled File Server but hasn't created its allowlist yet, the Apply HTTP Settings to File Server dialog is displayed.
- Otherwise, the Edit network access dialog is displayed. You can skip to step 7.
- If the Apply HTTP Settings to File Server dialog is
displayed, decide whether to apply your organization's HTTP allowlist rules to
File Server. Applying your HTTP rules to File Server can save you some time when setting up
your allowlist for File Server. Click
Apply to carry the rules over to File Server, or
click Ignore to skip this step.The Edit network access dialog is displayed.
- In the Edit network access dialog, make sure Restrict Network Access is selected so that you can add and apply allowlist rules.
When this option is selected, only users from networks that meet the configured settings are allowed to access your Oracle Integration instance. If you don't select this option, there are no allowlist rules, and therefore no network restrictions to access your instance.
Caution:
If you deselect Restrict Network Access after configuring allowlist rules, all configured allowlist rules are deleted. - If you want to allow Oracle Integration to call itself, select Enable Loopback.Note
If you enable loopback, any Oracle Integration instance in your region can call your instance.To call an integration from within your Oracle Integration instance, you can enable loopback, but Oracle recommends using the local invoke instead. If you use the local invoke for this scenario, you don't need to enable loopback. You also don't need a connection when using the local invoke.
Loopback is required for certain calls. You must enable loopback for the following scenarios:
- To invoke an Oracle Integration API from within an integration. Use a REST connection to call the API.
- To call your integration from another Oracle Integration instance.
This setting doesn't apply to File Server.
- Configure your allowlist rules.
- If you don't have any rules yet, you see a blank rule. If you already have rules, you'll need to click Add Rule, located below the last rule in the list, to add a new rule. You might need to scroll down to see the button.
- In the Protocol field, select an option.
- HTTP and File Server: Apply the rule to Oracle Integration and File Server.
- HTTP: Apply the rule only to Oracle Integration.
- File Server: Apply the rule only to File Server.
- In the Type field, select the type of rule to configure, and then specify the required information.
- IP Address/CIDR Block: Provide access to an IP address or a CIDR block (an IP address range).
- Virtual Cloud Network: Provide access to a specific virtual cloud network (VCN). To display a list of networks in other compartments, click Change Compartment. In addition to a specific VCN, you can specify an IP address or IP address range within the VCN.
- Virtual Cloud Network OCID (not available for File Server): Provide access to an Oracle Cloud ID (OCID) of the VCN. For information about the OCID format, see Resource Identifiers.
- To add another rule, click Add Rule.
- After adding all the desired rules to the allowlist, click Save.The work request is submitted and the changes go into effect when the instance status changes to Active. In the instance details, under Integration Instance Information, you'll also notice Network Access: Restricted.